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Introduction 

Over the past decade the Internet has become a major aspect of human connection. Major tasks 
done by MNCs, governments and individuals are done on the internet. However, this may leave 
the people exposed to hackers who may gain access to confidential information that 


companies/governments may not want to show others. This is where encryption comes in. 


Encryption is the process of converting messages, data or information into an unreadable format 
by anyone except the intended recipient. This is called encrypted data and can be decrypted only 
using a secret key (decryption key) and the recipient has the key which can decipher the 
encrypted data”. The encrypted data is normally referred to as ciphertext and decrypted data is 


referred to as plaintext?. 


There are mainly two types of encryption algorithms: 
1. Symmetric algorithms: Algorithms where only one key is used to encrypt and decrypt the 
electronic information. The sender must share the key with the recipient so that the 
recipient can decrypt the data. Once the key is used by the recipient, the algorithm 


reverses the action done to encrypt the data and the message becomes readable again. 


t Jackob, Melis. “History of Encryption.” Web. 28 Aug. 2019 
<https://www.sans.org/reading-room/whitepapers/vpns/history-encryption-730> 


2 Lord, Nate. “What Is Data Encryption? Definition, Best Practices & More.” Data Insider, Digital Guardian, 15 July 
2019, Web. 27 Aug. 2019 
<https://digitalguardian.com/blog/what-data-encryption> 


The code used by the sender can either be a string of letters and numbers or numbers 
generated by a random number generator?. Some examples are AES, Blowfish, DES. 

2. Asymmetric algorithms: These algorithms use two keys to encrypt a plain text. The secret 
keys are exchanged on the internet or over a Large Area Network. This is known as the 
public key. The other key isn't available on the internet and is only with the sender and 
the receiver in order to boost security”. This is known as the private key. Either of the keys 
can be used to encrypt the message. The other one is then used to decrypt the message. 
These keys aren't identical, hence the name asymmetric. Many protocols like SSL, 
OpenPGP, SSL/TLS rely on asymmetric encryption algorithms for encryption of data and 
digital signature functions”. Because of the two keys, these algorithms are generally 
considered to be more secure than the symmetric encryption algorithms. Some examples 
are RSA (Rivest-Shamir- Adleman), DSA (Digital Signature Algorithm) and ECC (Elliptic 


curve cryptography). 


3 Smirnoff, Peter, and Dawn M Turner. “Symmetric Key Encryption - Why, Where and How It's Used in 
Banking.” Cryptomathic, Cryptomathic, 18 Jan. 2019, Web. 27 Aug. 2019 
<https://www.cryptomathic.com/news-events/blog/symmetric-key-encryption-why-where-and-how-its-used-in- 


banking> 


4 Publishers. “Symmetric vs. Asymmetric Encryption - What Are Differences?” Global SSL Provider, SSL2BUY, 7 Feb. 
2019, Web. 27 Aug. 2019 
<https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences> 


5 Rouse, Margaret. “What Is Asymmetric Cryptography? - Definition from WhatIs.com.” SearchSecurity, 
TechTarget, July 2019, Web 27 Aug. 2019 
<https://searchsecurity.techtarget.com/definition/asymmetric-cryptography> 


Block ciphers and Stream ciphers 
A cipher is the algorithm that performs encryption”. The two types of ciphers are: 
1. Block ciphers: This method divides the data into blocks which is then encrypted to 
produce blocks of ciphertext. AES and RSA are examples of block ciphers. 
2. Stream ciphers: This method takes in a stream of data and operates on it bit by bit. It 
consists of two components: a cryptographic key and an algorithm. Examples are RC4, 
RC2 and RC5. 
This method is not used much nowadays because it's alternative, block cipher acts on 


blocks of data instead of bits. 


Research Question 


How is AES symmetric encryption algorithm more efficient in regards to the speed and memory 
used compared to the RSA asymmetric algorithm when encrypting /decrypting alphanumeric 


data? 


5 “What Is a Cipher? - Definition from Techopedia.” Techopedia.com, Techopedia, 
Web. 28 Aug. 2019 


<https://www.techopedia.com/definition/6472/cipher> 


AES Encryption Algorithm 

AES encryption algorithm is a symmetric block cipher chosen by the US government” and is used 
in software and hardware devices throughout the world to encrypt sensitive data®. The National 
Institute of Standards and Technology(NIST) started the development for the AES algorithm in 
1997 when its predecessor, DES started becoming vulnerable to brute force attacks. A brute force 
attack is a cryptographic hack which relies on guessing the password till the correct password is 


found”. 


The AES being a block cipher is capable of 128 bit blocks with a key size of either 128, 192 or 256 
bits(192 and 256 used only for heavy duty encryption purposes). This is the only publicly available 
software which is approved by the National Security Agency to protect government information 
at the highest levels of security clearance and can only be vulnerable to very large brute force 


attacks. 


7 DeMuro, Jonas. “What Is AES?” TechRadar, TechRadar Pro, 29 Oct. 2018, Web. 3 Sept. 2019 
<https://www.techradar.com/in/news/what-is-aes> 


8 Rouse, Margaret. “What Is Advanced Encryption Standard (AES)? - Definition from WhatIs.com.” SearchSecurity, 
Mar. 2017, Web. 1 Dec. 2019 
<https://searchsecurity.techtarget.com/definition/asymmetric-cryptography> 


9 “What Is a Brute Force Attack?” Forcepoint, Forcepoint, 30 Oct. 2019, Web. 1 Dec. 2019 
<https://www.forcepoint.com/cyber-edu/brute-force-attack> 


The structure of the AES Encryption algorithm 
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-Number of rounds: 10 rounds 


-Key size:128 bits 
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-Number of subkeys: 44 

| | 
-Single subkey size: 32 bits 128 bit ciphertext block 128 bit ciphertext block 
-Subkeys used in each round: 4 


AES Encryption AES Decryption 
-Subkeys used in pre-round 
Figure 1: AES Encryption and Decryption process 
calculation: 4 


-Resultant ciphertext: 128 bits 


AES encryption follows the structure shown on the left. When the size of the key is 128 bits, the 
number of rounds is 10. Similarly, when the key size is 192 bits, the number of rounds is 12 and 
14 when the key size is 256. These are found using the following formula: 


key size 


Numb ds = 
umber of rounds 37 


Before the encryption process begins, the input array is XORed with the first four words of the 
key schedule. The same happens during the decryption process, except the ciphertext state array 


is XORed with the last four words of the Rjindael's key schedule. 


The AES algorithm breaks data into 4 x 4 tables which are referred to as state arrays. In a cipher 


with a 128-bit key, a two dimensional array with 4 rows and 4 columns is formed where each 


input in the array is one byte. Therefore, there are 16 bytes in total. This can be represented by 


the diagram: 


There are four steps to each round in AES encryption: 
1. Substitute bytes 
2. Shift rows 
3. Mix columns 


4. Add round key 


For decryption, each round consists of the following four steps: 


1. Inverse add round key 
2. Inverse mix columns 
3. Inverse shift rows 


4. Inverse byte substitution 


Plain text(128 bits) 


Add round key €—— Kg [Wo to W5] 


Substitute bytes 


| 


Shift rows 


| 


Mix columns 


| 


Add round keys«—— K1 [W83 to W;] 


The input value is stored in a two dimensional array, 
a 4x4 table which looks like the table shown on the 


left: 


Each value hasa size of 8 bits, therefore, 
16 x 8 = 128 bits 


Which is the size of the plaintext input. 


The output array is exactly the same. 


In both encryption and decryption, during the add round key step, the output of the previous 
step (three for encryption, two for decryption) is XORed with four words from the key schedule. 


The last round for both encryption and decryption does not involve the Mix columns step. 


The four steps in each round of processing: 

1. Substitute bytes”: In this step, byte-by-byte substitution occurs using a rule that is the 
same for all encryption rounds. For the decryption process, the rule will change, but it will 
remain the same for all the ten rounds (provided that the key size is 128 bits). 

There are two ways of performing the byte substitution process. They are: 
- The modern way: Java uses this way of finding a substitute byte. In this step, a given 
byte is substituted by a different byte using a pre-computed 256-element array. 
- The traditional way: In this step, a 16x16 lookup table is used in order to find the 
substitute bytes. 
The goal of this step is to reduce the correlation between the input and the output bits at the 
byte level and it is done in such a way such that it cannot be described by a mathematical 
function. 

2. Shift Rows: The following circular transformations in the state array take place in this step 

during encryption: 
- First row does not shift at all 


- The second row shifts by one byte to the left 


The third row shifts by two bytes to the left 


- The last row shifts by three bytes to the left 


ip Kak, A. “Lecture 8: AES: The Advanced Encryption Standard Lecture Notes on “Computer and Network 
Security.” Engineering, Purdue University, 31 Jan. 2019, Web. 1 Dec. 2019 
<https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture8.pdf> 


These steps can be represented by the following diagram: 


50.0 50,1 50,2 50,3 50.0 50,1 502 50,3 
51.0 51,1 512 51,3 EE 51.1 S12 513 51,0 
52.0 52,1 522 52,3 522 823 520 52,1 
53.0 531 532 533 53.3 530 931 93,2 


For decryption, the steps take place in opposite order. The first row remains unchanged, the 
second row is shifted to the right by one byte, the third row by two bytes to the right and the last 


row by three bytes to the right, all shifts being circular. This can be shown by the following 


diagram: 
50.0 50,1 50,2 50,3 50.0 50,1 50,2 50,3 
$10 $11 $12 913 | — < $1.3 510 511 912 
52.0 $21 $22 523 $22 523 520 521 
53.0 83,1 532 53,3 53.1 83,2 533 53,0 


3. Mix Columns: This step replaces each byte of a column by a function of all the bytes in the 
same column. 
Each byte in a column is replaced by two times that byte, plus three times the next byte, plus the 
byte that comes next, plus the byte that follows. 


The operations in each column can be shown by the following diagram: 


02 03 01 01 $0.0 80,1 80,2 80,3 Soo Sbi 302 303 
01 02 03 01 Sio S11 S12 $13] _ | Sp 511 So S13 
01 01 02 03 S20 52,1 S22 S23 S20 521 $22 $93 
[03 01 Ol 02| | S30 83,1 832 833 | 530 531 532 533 | 


4. Add Round Key: This is the most important stage in the encryption algorithm as it provides 
uniqueness to the encryption. Due to this stage, it becomes a complex operation to 
decrypt. The values of the array after this stage depend on the subkey (same size as the 
state array) is computed using Rjindael's Key Schedule. Once a subkey is generated, the 
following steps are applied to the state array which results in the sum of the state and 
subkey being obtained: 

- Rotate: This step is to rotate the bytes that form the word 1 byte to the left. This step 
is similar to the second step of the Shift Rows step. 

- Rcon: Name of a sub-operation applied to the state array after the rotate step. 

- Key expansion: This step expands the main key to the required number of keys. 


However, due to the complexity of this process, it won't be explained in this paper. 


128 bits/4 words 44 words 


Figure 2: Key Expansion process where 4 words/128 bits are expanded to 44 words 
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To better understand the process, we can take the help of an example": 
- let's say that the string we want to encrypt is “Thats my Kung Fu”. 


- To perform the steps of encryption, first, we have to convert the text into ASCII 


characters: 
T s 9| [54 73 20 67 
h K Pi 68 20 4B 20 
am u F 61 6D 75 46 
t y n ul 174 79 6E 75 


- let's say that our key for the round is ‘Two One Nine Two’. This translated to 


hexadecimal becomes: 


T O N 54 4F 4E 20 
w n i T| ||77 6E 69 54 
o enw 6F 65 6E 77 

e o 20 20 65 6F 


- Now, the state array is XORed with the round keys, for example 69 ® 4B becomes 22: 


0110 1001 
0100 1011 
0010 0010 


- After the XOR process, the new matrix becomes: 


00 3C 6E 47 
1F 4E 22 74 
OF 08 1B 31 
54 59 0B 1A 


- After performing the substitute bytes step using the traditional method, the matrix 


becomes: 


UH “AES Example - Input (128 Bit Key and Message).” AES Example. Kavaliro, Web. 2 January 2020 
< https://kavaliro.com/wp-content/uploads/2014/03/AES.pdf> 


12 


63 EB 9F A0 
CO 2F 93 92 
AB 30 AF C7 
20 CB 2B A2 


- Performing the shift rows step: 


63 EB 9F A0 
2F 93 92 CO 
AF C7 AB 30 
A2 20 CB 2B 


- Performing the mix columns step: 


02 03 01 01||63 EB 9F A0 BA 84 E8 1B 
01 02 03 01||2F 93 92 CO| | 75 A4 8D 40 
01 01 02 O03|JAF C7 AB 30 F4 8D 06 7D 
03 01 01 021142 20 CB 2B 7A 32 OE 5D 


- The array after the add round key step and the first round of encryption becomes: 


58 15 59 CD 
47 B6 D4 39 
08 1C E2 DF 
8B BA E8 CE 


The steps shown above happen ten times, after which the final encrypted array is obtained. 


RSA Encryption Algorithm 

The RSA Algorithm is the most famous asymmetric encryption algorithm!?. The name RSA comes 
from its founders: Ron Rivest, Ali Shamir and Leonard Adelman. It is a public key algorithm and is 
considered to be the standard for encrypting data over the internet. Being an asymmetric 


algorithm, it has all the advantages and disadvantages that come with asymmetric algorithms. 


The working of the RSA algorithm is as follows: 
Being an asymmetric algorithm, the algorithm has a public key and a private key. They are 
calculated using the following steps: 
1. Consider two large prime numbers: p and q. They have to be large in order to make the 
ciphertext secure and not be vulnerable to brute force attacks. 
2. Calculaten = p * q 
3. Calculate Euler’s totient function for n. Euler's totient function, is defined as the number 
of positive integers less than or equal to n that are coprime to (i.e., do not contain any 
factor in common with) n, where 1 is counted as being coprime to all numbers. Since a 
number less than or equal to and coprime to a given number is called a totative, the 
totient function d(n) can be simply defined as the number of totatives of n7?. For example, 


(1) =1. Some of the values that the function returns for the first few numbers are: 


12 “The Mathematical Algorithms of Asymmetric Cryptography and an Introduction to Public Key 

Infrastructure.” Infosec Resources, 7 Feb. 2017, Web. 9 Sept. 2019 

< https://resources.infosecinstitute.com/mathematical-algorithms-asymmetric-cryptography-introduction-public- 
key-infrastructure/#gref 5 

B Weisstein, Eric W. “Totient Function.” From Wolfram Math World, Wolframalpha, Web. 1 Dec. 2019 


<http://mathworld.wolfram.com/TotientFunction.html> 
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10 


where M is the plaintext. Then, the ciphertext is formed using the formula: 


pn) 


numbers coprime 
ton 


1,2,3,4 


1,5 


1,2,3,4,5,6 


1,3,5,7 


1,2,4,5,7,8 


1,3,7,9 


Assume e to be the encryption key. It is calculated by using a number x such that the 


highest common factor of x and 0(n) is 1. 
Assuming d to be the decryption key. It is calculated such that (d * e) mod p(n) = 1. 


Now, the public key and private key can be formed: 


Public key: {e, n} 


Private key: {d, n} 


The encryption process: The condition before starting the encryption process is that M<n 


15 


C = M* mod n where Cis the ciphertext. 


Here, it must be understood that M can only take numeric values. In order to take worded 


messages like, “hello world”, each alphabet’s ASCII values are taken. This can be represented like: 


The plaintext would be 48 65 6C 6F 20 57 6F 72 6C 64 (hexadecimal). Some junk values are added 
to the start and the end which makes it harder for hackers to decrypt the data. This process is 
called padding due to which the plaintext would look something like not at all like the plaintext 


which is then used as the plaintext and the formula can be applied to form the ciphertext. 


The decryption process: The plaintext can be calculated using the formula: 


M = C4 mod n where M is the plaintext. 
Let’s perform a simple RSA Encryption process using small numbers for understanding 
purpose. However, in proper encryption processes, the numbers have to be large in order 
to have good security. 

1. Let p=3 and q=5 

2. n=p*q=3x*5=15 

3. dm) =(B3-1)(5-1)=2*4=8 

4. eis a number such that e and #(n)’s HCF is 1. Therefore, assuming e to be 3, the HCF of 
4 and 8 is 1, therefore the value of e is 3. 

5. Calculating d: 


(d xe) mod p(n) = 1. 


(d*3)mod8=1 
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If dis assumed to be 3, then the equation is true. Hence, the value of dis 3. 


6. Now, the public key is {3,15} and the private key is also {3,15}. 

7. Encryption: The condition that M<n has to be satisfied. Therefore, M has to be less than 
15. Let's assume the plaintext to be 10. 
C = M* mod n = 10? mod 15 = 1000 mod 15 = 10. Hence, the value of e is 10. Since, 
this the prime numbers taken are small, the value is the same but if we take large prime 
numbers and perform the padding process, the value will change. 


8. Decryption: 


M = C? mod n = 103mod 10 = 10. Therefore, the same plaintext is obtained. 


Experiment 


Comparing the efficiency of AES and RSA encryption algorithms with respect to speed and 
memory used. 


Methodology 


Primary experimentation will provide a majority of the data used in this extended essay. 


To compare the speed of the two algorithms, Java programs have been written! where there 
is atime function (found in .util package) which will allow me to get the time taken to encrypt 
a given string in nanoseconds. For executing the Java programs, NetBeans IDE, version 8.2 
will be used to run the values and get the time taken to encrypt and decrypt the values. To 


get the time taken by each program, | will use the nanoTime() function provided by Java. 


'4 Refer to appendix for code 
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To compare the memory used by the two algorithms, the program used to compare the 
speed will be used. To get the memory used by the encryption and decryption process, the 
totalMemory() and freeMemory() function will be used (found in .util package) and subtract 
the two values before and after the functions to encrypt and decrypt the values are called. 
This will provide an estimated value as the value will count in the function calling and other 


processes as well, but will provide an estimate for the comparison of the two algorithms. 


Due to the presence of various background processes on the computer, a fixed value for the time 


taken or the memory used won't be possible and hence, the average of five trials will be taken. 


As the research question states, this extended essay will compare the two parameters using 
alphanumeric data. Therefore, the experiment will be conducted 3 times: first being only 
using alphabets, second only using numbers and third using both in a mixed string. The three 


strings are as follows: 


1. Alphabets: “buy me a cake” 
2. Numbers: “1902319181” 


3. Alphanumeric: “430 Wood Street, 47906, Jakarta” 
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Hypothesis 


My hypothesis is that AES will be faster that RSA to encrypt and decrypt the values and 


wouldn't use as much memory and thus is good enough to protect it from hackers, but 


wouldn't be good enough against large scale brute-force attacks. 


Results 


1. String with only alphabets (“buy me a cake”): 


Time taken: 


Trial 1 


Trial 2 


Trial 3 


Trial 4 


Trial 5 


Data calculation: 


Calculating the mean value of AES timings: 


Calculating the mean value of RSA timings: 


336 


201 


320 


115 


256 


336 +201+320 +115 +256 


RSA (in nanoseconds) 


235 


295 


296 


322 


547 


| = 245.6 nanoseconds 


235+295+296+322+547 


5 = 339 nanoseconds 
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Memory used: 


Trial 1 

13.355 
Trial 2 13.357792 
Trial 3 13.412088 
Trial 4 13.397936 
Trial 5 13.364272 


Data Calculation: 


Calculating the mean value of the memory used by AES: 


13.357 792+13.412088+13.397936+13.355 +13.364272 
5 


= 13.3774176 KB 


Calculating the mean value of the memory used by RSA: 


27.49188+31.90023+28.93351+29.760448+30.438008 
5 


= 29.7048152 KB 


2. String with only numerical values (“1902319181”): 


Time taken: 
Trial 1 163 
Trial 2 189 
Trial 3 122 


RSA (in KB) 


27.49188 


31.90023 


28.93351 


29.760448 


30.438008 


RSA (in nanoseconds) 


292 


265 


339 
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Trial 4 217 316 


Trial 5 195 277 


Data calculation: 


163+189+122+217+195 
5 


Calculating the mean values of the AES timings: = 177.2 nanoseconds 


292 +265+339+316+316+277 
5 


Calculating the mean values of the RSA timings: 297.8nanoseconds 


Memory used: 


Trial 1 13.411856 29.095424 
Trial 2 13.389632 30.102696 
Trial 3 13.328792 31.096123 
Trial 4 13.35568 32.75972 

Trial 5 13.355784 28.431168 
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Data Calculation: 


Calculating the mean value of the memory used by AES: 


13.411856+13.389632+13.328792+13.35568+13.355784 
5 


= 13.3683488 KB 


Calculating the mean value of the memory used by RSA: 


29.095424+30.102696+31.096128+32.75972+28.431168 
5 


= 30.3170819 KB 


3. String with alphanumeric values (“430 Wood Street, 47906, Jakarta”) 


Time taken: 
| AES (in nanoseconds) RSA (in nanoseconds) 
Trial 1 238 480 
Trial 2 166 233 
Trial 3 155 360 
Trial 4 132 280 
Trial 5 145 345 


Data calculation: 


238+166+155+132+145 
5 


Calculating the mean values of the AES timings: = 167.2 nanoseconds 


480 +233 +360 +280 +345 
5 


Calculating the mean values of the RSA timings: = 339.6 nanoseconds 
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Memory used: 


Trial 1 13.355584 32.102376 
Trial 2 13.355616 28.423992 
Trial 3 13.36424 29.430352 
Trial 4 13.345008 30.432024 
Trial 5 13.3555752 31.5653344 


Data calculation: 


Calculating the mean value of the memory used by AES: 


13.355584+13.355616+13.36424+13.345008+13.3555752 
EE EE n 13.3552046 KB 


Calculating the mean value of the memory used by AES: 


32.102376+28.423992+29.430352+30.432024+31.5653344 


= 30.3908168 KB 
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Analysis 


Time taken: 
| AES (in nanoseconds) RSA (in nanoseconds) 
Alphabets 245.6 339 
Numbers 177.2 297.8 
Alphanumeric 167.2 339.8 
TIME TAKEN BY AES AND RSA FOR ALL THREE DATA TYPES 
400 
350 
300 
250 
200 
150 
100 
50 
0 


Alphabets Numbers Alphanumeric 


m AES (in nanoseconds) =m RSA (in nanoseconds) 


Graph 1: Timings for AES and RSA 


As it can be seen from the graph, the AES algorithm is consistently faster than the RSA algorithm 
for all three types of data, being around 172 nanoseconds faster for alphanumeric data, around 
94 nanoseconds faster for alphabetical data and approx. 121 milliseconds faster for numerical 
data. Keeping in mind that only a small string for all the types of data was used while comparing 


the two algorithms, the difference between the two algorithms would be more pronounced 
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when comparing the two algorithms using large datasets which would be the situation in real life 
scenarios. The hypothesis therefore holds true, with AES being faster than RSA by quite a 


significant amount. 


Memory used: 
Alphabets 13.3774176 29.7048152 
Numbers 13.3683488 30.3170819 
Alphanumeric 13.3552046 30.3908168 


MEMORY USED BY AES AND RSA FOR ALL 3 DATA TYPES 


35 


25 
20 
15 
Å i i 
0 


Alphabets Numbers Alphanumeric 


UI 


HAES (in KB) mi RSA (in KB) 


Graph 2: Memory used by AES and RSA 


As it can be seen from graph 2, AES takes up less than half the memory used by RSA with it using 


13 KB compared to the 30 KB used by RSA. Again, keeping in mind that only a small string was 
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used for all the different types of data while comparing the algorithms, the difference would be 


more pronounced in real life scenarios. Therefore, the hypothesis holds true here as well, with 


AES being more efficient than RSA by quite a margin. 


Evaluation 


The programs?” were appropriate methods of evaluating: 


1, 


2. 


The memory used by the two algorithms to encrypt and decrypt the three different types 
of data. The higher the memory usage, the more the memory required to perform the 
task, hence the requirements of a system will be higher, increasing the costs. Therefore, 
AES is more advisable in real life scenarios due to its lesser memory usage. 

The time taken by each algorithm to encrypt and decrypt the different types of data. A 
lesser encryption/decryption time results in the system being faster and more responsive. 
data. The programs provided the time taken in nanoseconds quite accurately and as 
hypothesized, AES was quicker than RSA because of various factors such as the number 
of operations required to be done by each algorithm, the size of the key used and the 
type of operations. Therefore, RSA requires a more powerful system in order to 
encrypt/decrypt large files with sizes in gigabytes or larger than AES. Hence, AES is more 
advisable in real life scenarios due to its lower time and hence, lesser system 


requirements. 


Overall, the AES algorithm is more efficient in most real-life scenarios. However, data which 


absolutely cannot be risked should not be encrypted using the AES algorithm because it is more 


15 Refer to appendix for code 
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vulnerable to large brute force attacks. In this scenario, asymmetric algorithms like RSA are more 
useful and do a much better job at encrypting the data. 


Limitations 


There were some limitations in the experiment that need to be taken a note of: 


1. Asthe number of processes the CPU has cannot be fixed, the values for each result varies. 
However, to keep this error to a minimum, whenever a new reading had to be taken, the 
computer was restarted and when booted up, only NetBeans was opened so that the 
number of processes were kept to a minimum. Moreover, an average of 5 readings were 
taken so as to provide the most accurate readings possible. 

2. Small strings of all types of data were used which wouldn’t represent real life scenarios 
where huge files with sizes over a gigabyte are encrypted. This couldn’t be done due to 
the unavailability of a computer that could perform the task in a reasonable amount of 


time. 
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Conclusion 


In this paper, the difference between AES Symmetric Encryption Algorithm and RSA Asymmetric 
Encryption Algorithm's efficiency in terms of time taken to encrypt and decrypt and memory 
used during the encryption/decryption process was analysed. Both the algorithms’ working was 


also provided. 


After code experimenting and collecting the results, it was found that the hypothesis was proved 
to be correct as AES was faster than RSA and was more efficient in terms of the memory used. 
This trend was followed for all three data types, namely numeric, alphabetical and alphanumeric 
data. There were some limitations in the experimental procedure, the most important one being 
the randomness in the experiment due to the different number of processes the CPU had. 


However, precautions were taken in order to keep them to a minimum. 


It was found out in the evaluation that AES is better than RSA for most use scenarios except 
during the transfer of highly sensitive data, where RSA was preferred. Hence, the research 
question, “How is AES symmetric encryption algorithm more efficient in regards to the speed 
and memory used compared to the RSA asymmetric algorithm when encrypting /decrypting 
alphanumeric data?” was answered both qualitatively, through the analysis and evaluation and 


quantitatively, through the results of the experiment. 
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Appendix 


The following code was used for my experiments (heavily adapted from the sources cited below). 


| used it to run the programs for AES and RSA and get the time taken and memory used. 


Program for AES Encryption Algorithm?® 


1. Alphabetical data 


java. io.UnsupportedEncodingException 
java.security.MessageDigest 
java.security.NoSuchAlgorithmException 
java.util. 


javax.crypto.Cipher 
javax.crypto. spec. SecretKeySpec 


AES { 


SecretKeySpec secretKey 
[] key 


(String myKey) 
MessageDigest sha = 


key = myKey.getBytes ( ) 

sha = MessageDigest. getInstance ( 
key = sha.digest (key) 

key = Arrays.copyOf(key, 16) 
secretKey = SecretKeySpec ( key 


(NoSuchAlgorithmException e) { 
e.printStackTrace() 


(UnsupportedEncodingException e) { 
e.printStackTrace() 


(String strToEncrypt, String secret) 


16Ray, Dhiraj. “AES Encryption and Decryption in Java(CBC Mode): Java Code Geeks - 2019.” Java Code Geeks, Java 
Code Geeks, 12 Mar. 2018, Web. 12 Jun. 2019 < 
> 
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setKey (secret) 

Cipher cipher = Cipher. getInstance ( 

cipher.init(Cipher. ) 
Base64.getEncoder() . encodeToSt ring (cipher. doFinal(strToEncrypt. getBytes ( 


(Exception e) 


System. «println( + e.toString()) 


String decrypt(String strToDecrypt, String secret) 


setKey (secret) 
Cipher cipher = Cipher. getInstance ( 
cipher.init(Cipher. ) 


String (cipher. doFinal(Base64. getDecoder ( ) .decode( strToDecrypt) ) ) 


(Exception e) 


System. «println( + e.toString()) 


main(String[] args) 
String secretKey = 
Scanner obj= Scanner (System. in) 


String encryptedstring = AES.encrypt ( secretKey) 
String decryptedString = AES.decrypt(encryptedString, secretKey) 


System. .println(encryptedstring) 

System. «println(decryptedString) 
startTimezSystem. nanoTime ( ) 
endTime=System. nanoTime() 


System. .println( time t #(endTime-startTime) ) 


2. Numeric data 


java. io. UnsupportedEncodingException 
java. security.MessageDigest 

java. security. NoSuchAlgorithmException 
java.util.x 


javax.crypto.Cipher 
javax. crypto. spec. SecretKeySpec 


AES { 


SecretKeySpec 
[] 


setKey(String myKey) 


MessageDigest sha = 
{ 
= myKey.getBytes ( ) 
sha = MessageDigest. getInstance ( 
sha.digest ( ) 
= Arrays.copyOf( 16) 
= SecretKeySpec( 


(NoSuchAlgorithmException e) { 
e.printStackTrace() 


(UnsupportedEncodingException e) { 
e.printStackTrace() 


String encrypt(int intToEncrypt, String secret) 


setKey(secret) 
Cipher cipher = Cipher.getInstance( 
cipher.init(Cipher. 


) 


Base64.getEncoder() . encodeToSt ring (cipher. doFinal(strToEncrypt. getBytes ( 
3 


(Exception e) 
{ 
System. .println( 
} 


String decrypt (String strToDecrypt 


+ e.toString()) 


String secret) 


setKey (secret) 
Cipher cipher = Cipher. getInstance ( 
cipher.init(Cipher. ) 


String (cipher. doFinal(Base64. getDecoder ( ) .decode( strToDecrypt) ) ) 
3 
(Exception e) 
{ 
System. «println( + e.toString()) 
3 


main(String[] args) 
String secretKey = 
Scanner obj= Scanner(System. in) 


String encryptedString = AES.encrypt ( secretKey) 
String decryptedString = AES.decrypt (encryptedString, secretKey) 


System. .println(encryptedstring) 

System. .println(decryptedstring) 
startTime-System. nanoTime ( ) 
endTime=System. nanoTime ( ) 


System. .println( #(endTime-startTime) ) 


3. Alphanumeric data 


java. io. UnsupportedEncodingException 
java. security.MessageDigest 

java. security. NoSuchAlgorithmException 
java.util.x 


javax.crypto.Cipher 
javax. crypto. spec. SecretKeySpec 
AES { 


SecretKeySpec 
[] 


setKey(String myKey) 


MessageDigest sha = 
H 
= myKey.getBytes ( ) 
sha = MessageDigest. getInstance ( 
sha.digest (key) 
= Arrays. copy0f( 16) 
= SecretKeySpec( 


(NoSuchAlgorithmException e) { 
e.printStackTrace() 


(UnsupportedEncodingException e) { 
e.printStackTrace() 


String encrypt(String strToEncrypt, String secret) 


setKey (secret) 
Cipher cipher = Cipher. getInstance ( 
cipher.init(Cipher. ) 


Base64. getEncoder ( ) . encodeToSt ring (cipher. doFinal(strToEncrypt. getBytes ( 


(Exception e) 


System. «println( + e.toString()) 


String decrypt(String strToDecrypt, String secret) 


setKey (secret) 
Cipher cipher = Cipher. getInstance ( 
cipher.init(Cipher. ) 


String (cipher. doFinal (Base64. getDecoder ( ) . decode(strToDecrypt) ) ) 
3 


(Exception e) 


{ 
System.out.println( : + e.toString()) 


} 


main(String[] args) 


String secretKey = 


Scanner obj= Scanner(System. in) 


String encryptedString = AES.encrypt ( 
secretKey) 
String decryptedString = AES.decrypt(encryptedString, secretKey) 


System.out.println(encryptedString) 

System.out.println(decryptedString) 
startTime=System.nanoTime() 
endTime=System.nanoTime() 


System.out.println( #(endTime-startTime) ) 


Program for RSA Encryption Algorithm?’: 


1. Alphabetical data 


.io.DataInputStream 
.io.I0Exception 
„math.BigInteger 
.util.Random 


RSA { 
BigInteger p 
BigInteger q 
BigInteger N 
BigInteger phi 
BigInteger e 


BigInteger d 
bitlength = 1024 
Random r 


Ont 
Random( ) 
= BigInteger.probablePrime(bitlength, r) 
BigInteger.probablePrime(bit length, r) 
= p.multiply(q) 
= p.subtract(BigInteger.ONE) .multiply(q.subtract (BigInteger. ONE) ) 
= BigInteger.probablePrime(bitlength / 2, r) 
(phi.gcd(e).compareTo(BigInteger.ONE) > Ø & e.compareTo(phi) < 0) { 


17 «RSA Encryption and Decryption in Java.” Devglan, Devglan, 10 Mar. 2018, Web. 12 Jun. 2019 
< > 
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} 


.add(BigInteger. 


.modInverse( ) 


RSA(BigInteger e, BigInteger d, BigInteger N) { 
.e=e 

=d 

=N 


@SuppressWarnings ( ) 


main(String[] args) IOException { 
RSA rsa = RSA() 
DataInputStream in = DataInputStream(System. in) 
String teststring 


teststring = 
System. .println( + teststring) 
System. «println( 

+ bytesToString(teststring.getBytes())) 


[] encrypted = rsa.encrypt(teststring.getBytes()) 


[] decrypted = rsa.decrypt(encrypted) 
System. .println( + bytesToString(decrypted)) 
System. «println( + String(decrypted) ) 


startTime = System.nanoTime() 
endTime = System.nanoTime() 


System. .println( + (endTime - startTime) ) 
String bytesToString( [] encrypted) { 
String test = 
( b : encrypted) { 
test += Byte. toString(b) 


LESE 


[] encrypt( [] message) { 
( BigInteger (message) ) .modPow( ). toByteArray() 


[] decrypt ( [] message) { 
( BigInteger (message) ) .modPow( ). toByteArray() 


BigInteger (message) ) .modPow( 


} 


2. Numeric data 
io.DataInputStream 
io. IOException 
math.BigInteger 
util.Random 


RSA { 
BigInteger 
BigInteger 
BigInteger 
BigInteger 
BigInteger 
BigInteger 


Random 


RSA() { 
Random( ) 
BigInteger. probablePrime ( 
BigInteger. probablePrime ( 
.multiply(q) 
= p.subtract(BigInteger. 
BigInteger.probablePrime ( 


(phi.gcd(e).compareTo(BigInteger. 


.add(BigInteger. ) 


„modInverse( ) 


RSA(BigInteger e 
ese 
=d 


=N 
} 


@SuppressWarnings ( ) 


main(String[] args) 


RSA rsa = RSA() 
DataInputStream in = 
int testInt 


testInt - 
System. 
System. 


.println( 
.println( 


). toByteArray() 


) 
) 


) .multiply(q. subtract(BigInteger. 
# PA IF) 


) > O && e.compareTo( 


BigInteger d, BigInteger N) { 


IOException { 


DataInputStream(System. in) 


+ teststring) 


+ bytesToString(teststring.getBytes())) 


[] encrypted = rsa.encrypt(teststring.getBytes()) 


[] decrypted = rsa.decrypt (encrypted) 
System. .println( + bytesToString(decrypted)) 
System. .println( + String(decrypted) ) 


startTime = System.nanoTime() 
endTime = System.nanoTime() 


System. .println( + (endTime - startTime) ) 


String bytesToString( [] encrypted) 
String test = 
( b : encrypted) { 
test += Byte. toString(b) 


LESE 


[] encrypt( [] message) 1 
( BigInteger (message) ) .modPow( ). toByteArray() 


[] decrypt ( [] message) { 
( BigInteger (message) ) .modPow( ). toByteArray() 
} 
} 
BigInteger (message) ) .modPow( ). toByteArray() 


io.DataInputStream 
io. IOException 
math.BigInteger 
util.Random 


RSA { 
BigInteger 
BigInteger 
BigInteger 
BigInteger 
BigInteger 
BigInteger 


Random 


RSA() { 
Random( ) 
BigInteger. probablePrime ( 
BigInteger. probablePrime ( 
.multiply(q) 
= p.subtract(BigInteger. ).multiply(q.subtract(BigInteger. )) 


BigInteger. probablePrime ( Dn) 


(phi.gcd(e).compareTo(BigInteger. ) > 0 88 e.compareTo(phi) < 


.add(BigInteger.ONE) 


.modInverse( ) 


RSA(BigInteger e, BigInteger d, BigInteger N) { 
=e 

=d 

SN 
} 


@SuppressWarnings ( ) 
main(String[] args) IOException { 
RSA rsa = RSA() 
DataInputStream in = DataInputStream(System. in) 
String teststring 


teststring = 
System. .println( + teststring) 
System. .println( 

+ bytesToString(teststring.getBytes())) 


[] encrypted = rsa.encrypt(teststring.getBytes()) 


[] decrypted = rsa.decrypt(encrypted) 
System. .println( + bytesToString(decrypted)) 
System. .println( + String(decrypted) ) 


startTime = System.nanoTime() 
endTime = System.nanoTime() 


System. .println( > + (endTime - startTime) ) 
String bytesToString( [] encrypted) 
String test = 
( b : encrypted) { 
test += Byte. toString(b) 


test 


[] encrypt ( [] message) { 
( BigInteger (message) ) .modPow( ). toByteArray() 


[] decrypt ( [] message) { 
( BigInteger (message) ) .modPow( ). toByteArray() 


} 


BigInteger(message) ) .modPow( ). toByteArray() 


} 


} 
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